Limited Black Friday Offer:

Adobe ColdFusion - Unauthenticated File Read CVE-2023-26360 Scanner

There is an unauthenticated file read vulnerability in Adobe ColdFusion, which allow remote attackers to read arbitrary files.

Short Info

Level

Critical

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Domain, Ipv4

Parent Category

Adobe ColdFusion - Unauthenticated File Read CVE-2023-26360 Scanner Detail

Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction.

http://packetstormsecurity.com/files/172079/Adobe-ColdFusion-Unauthenticated-Remote-Code-Execution.html
https://helpx.adobe.com/security/products/coldfusion/apsb23-25.html